Users' Rights #12

Closed
opened 3 years ago by fede · 4 comments
fede commented 3 years ago
Owner

Your Rights

Under the GDPR you have a number of rights with regard to your personal data:

  • a. Right to access - The right to request (I) copies of your personal Data or (II) access to the information you submited and we hold at any time.
  • b. Right to correct - The right to have your Data rectified if it is inaccurate or incomplete.
  • c. Right to erase - The right to request delete or remove your Data from our servers.
  • d. Right to restrict the use of your Data - The right to restrict processing or limit the way we use your Data.
  • e. Right to Data portability - The right to move, copy or transfer your Data.
  • f. Right to object - The right to object to our use of your Data.

To make enquires, excercise any of the rights described above or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via email to:

For the purposes of the GDPR, Disroot.org is the "data controller". This means that Disroot determines the purposes for which and the manner which your data is processed.

If you are not satisfied with the way a compliant you make regarding to how your Data is handled by us, you have the right to send a complaint to the Information Commissioners’ Office.

## Your Rights Under the **GDPR** you have a number of rights with regard to your personal data: * a. **Right to access** - The right to request (I) copies of your personal Data or (II) access to the information you submited and we hold at any time. * b. **Right to correct** - The right to have your Data rectified if it is inaccurate or incomplete. * c. **Right to erase** - The right to request delete or remove your Data from our servers. * d. **Right to restrict the use of your Data** - The right to restrict processing or limit the way we use your Data. * e. **Right to Data portability** - The right to move, copy or transfer your Data. * f. **Right to object** - The right to object to our use of your Data. To make enquires, excercise any of the rights described above or withdraw your consent to the processing of your Data (where consent is our legal basis for processing your Data), please contact us via email to: - **data.protection.officer@disroot.org** - Person responsible for Privacy Policy - **info@disroot.org** - General contact information For the purposes of the **GDPR**, **Disroot.org** is the "data controller". This means that **Disroot** determines the purposes for which and the manner which your data is processed. If you are not satisfied with the way a compliant you make regarding to how your Data is handled by us, you have the right to send a complaint to the Information Commissioners’ Office.
fede added this to the 1.2 milestone 3 years ago
Owner

Nice job. Perhaps we should add the link to user.disroot.org so that people can remove their account easily

Nice job. Perhaps we should add the link to user.disroot.org so that people can remove their account easily
Poster
Owner

I think that link you mention could be on Access to your information.

I think that link you mention could be on Access to your information.
Owner

e. Right to Data portability - The right to request that we move, copy or transfer your Data.

I'm thinking it should be 'the right to move...', not to request that we do it for them. Or 'the right to request your data in order to move...'

e. Right to Data portability - The right to request that we move, copy or transfer your Data. I'm thinking it should be 'the right to move...', not to request that we do it for them. Or 'the right to request your data in order to move...'
Poster
Owner

This is a complicated article. Complicated in a practical sense.

The GDPR art. 20: Right to data portability, says:

  1. The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:
    -(a) the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1); and
  • (b) the processing is carried out by automated means.
  1. In exercising his or her right to data portability pursuant to paragraph 1, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

I changed it. I think it meets the GDPR requirements.

This is a complicated article. Complicated in a practical sense. The GDPR art. 20: Right to data portability, says: 1. The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where: -(a) the processing is based on consent pursuant to point (a) of Article 6(1) or point (a) of Article 9(2) or on a contract pursuant to point (b) of Article 6(1); and - (b) the processing is carried out by automated means. 2. In exercising his or her right to data portability pursuant to paragraph 1, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible. I changed it. I think it meets the GDPR requirements.
fede closed this issue 2 years ago
Sign in to join this conversation.
No Milestone
No Assignees
3 Participants
Notifications
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Loading…
There is no content yet.